Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,736
Maven
5,000+
npm
4,336
NuGet
764
pip
4,110
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and... Moderate Unreviewed
CVE-2025-55552 was published Sep 25, 2025
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in... Moderate Unreviewed
CVE-2025-5372 was published Jul 4, 2025
The mstatus register in RSD commit 3d13a updates incorrectly, leading to processing errors. Moderate Unreviewed
CVE-2024-25883 was published Feb 7, 2025
There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with... Moderate Unreviewed
CVE-2024-11407 was published Nov 26, 2024
Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an... Moderate Unreviewed
CVE-2024-11176 was published Nov 20, 2024
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix... Moderate Unreviewed
CVE-2024-42231 was published Jul 30, 2024
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with... Moderate Unreviewed
CVE-2023-43490 was published Mar 14, 2024
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause... Moderate Unreviewed
CVE-2023-31347 was published Feb 13, 2024
Vyper's `_abi_decode` input not validated in complex expressions Moderate
CVE-2023-42460 was published for vyper (pip) Sep 26, 2023
trocher
Credited to trocher
An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the... Moderate Unreviewed
CVE-2023-36980 was published Sep 11, 2023
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font-... Moderate Unreviewed
CVE-2023-3161 was published Jun 12, 2023
OpenZeppelin Contracts contains Incorrect Calculation Moderate
CVE-2023-26488 was published for @openzeppelin/contracts (npm) Mar 3, 2023
Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R)... Moderate Unreviewed
CVE-2022-33972 was published Feb 16, 2023
Weight not properly refunded after EVM execution Moderate
CVE-2022-39242 was published for pallet-ethereum (Rust) Sep 23, 2022
Cranelift vulnerable to miscompilation of constant values in division on AArch64 Moderate
CVE-2022-31169 was published for cranelift-codegen (Rust) Jul 21, 2022
akirilov-arm
Credited to akirilov-arm
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs Moderate
CVE-2022-31104 was published for cranelift-codegen (Rust) Jun 29, 2022
alexcrichton MaineK00n
Credited to alexcrichton and MaineK00n
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16346 was published May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16347 was published May 24, 2022
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events... Moderate Unreviewed
CVE-2021-34573 was published May 24, 2022
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read... Moderate Unreviewed
CVE-2021-29945 was published May 24, 2022
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect... Moderate Unreviewed
CVE-2021-3114 was published May 24, 2022
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a... Moderate Unreviewed
CVE-2020-27616 was published May 24, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95.... Moderate Unreviewed
CVE-2019-20051 was published May 24, 2022
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that... Moderate Unreviewed
CVE-2016-9377 was published May 17, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in... Moderate Unreviewed
CVE-2017-8932 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database